Security News

Starting in April 2023, Amazon S3 will change the default security configuration for all new S3 buckets.For new buckets created after this date, S3 Block Public Access will be enabled, and S3 access control lists will be disabled.

A Canadian system administrator discovered that an Android TV box purchased from Amazon was pre-loaded with persistent, sophisticated malware baked into its firmware. The device in question is the T95 Android TV box with an AllWinner T616 processor, widely available through Amazon, AliExpress, and other big e-commerce platforms.

A severe security flaw in the Amazon ECR Public Gallery could have allowed attackers to delete any container image or inject malicious code into the images of other AWS accounts.Amazon ECR Public Gallery is a public repository of container images used for sharing ready-to-use applications and popular Linux distributions, such as Nginx, EKS Distro, Amazon Linux, CloudWatch agent, and Datadog agent.

A critical security flaw has been disclosed in Amazon Elastic Container Registry Public Gallery that could have been potentially exploited to stage a multitude of attacks, according to cloud security firm Lightspin. "By exploiting this vulnerability, a malicious actor could delete all images in the Amazon ECR Public Gallery or update the image contents to inject malicious code," Gafnit Amiga, director of security research at Lightspin, said in a report shared with The Hacker News.

Amazon Web Services has resolved a cross-tenant vulnerability in its platform that could be weaponized by an attacker to gain unauthorized access to resources. "This attack abuses the AppSync service to assume roles in other AWS accounts, which allows an attacker to pivot into a victim organization and access resources in those accounts," Datadog researcher Nick Frichette said in a report published last week.

Amazon Web Services has resolved a cross-tenant vulnerability in its platform that could be weaponized by an attacker to gain unauthorized access to resources."This attack abuses the AppSync service to assume roles in other AWS accounts, which allows an attacker to pivot into a victim organization and access resources in those accounts," Datadog researcher Nick Frichette said in a report published last week.

Hundreds of databases on Amazon Relational Database Service are exposing personal identifiable information, new findings from Mitiga, a cloud incident response company, show. Amazon RDS is a web service that makes it possible to set up relational databases in the Amazon Web Services cloud.

Apple fixes exploited zero-days: Update your devices!Apple has released security updates for iOS, iPadOS, and macOS Monterey to fix CVE-2022-32894 and CVE-2022-32893, two code execution vulnerabilities exploited by attackers in the wild. 1,900 Signal users exposed following Twilio breachThe attacker behind the recent Twilio data breach may have accessed phone numbers and SMS registration codes for 1,900 users of the popular secure messaging app Signal.

Amazon acquired the doorbell maker for about $1 billion in 2018. Application security firm Checkmarx explained it identified a cross-site scripting flaw that it said could be weaponized as part of an attack chain to trick victims into installing a malicious app.

How phishing attacks are exploiting Amazon Web Services. Cybercriminals prefer to use legitimate sites and services in their phishing scams, not just to trick unsuspecting victims but to sneak past security scanners that would otherwise block traffic from a suspicious site.